User support system for cryptographic communication in network systems

ABSTRACT

A user support system for cryptographic communication includes a key storage for storing keys used for deciphering, a deciphering part for deciphering an enciphered communication text into a deciphered communication text using a key, and a controller for starting the deciphering part only when an input communication text is the enciphered communication text and for supplying the key that is necessary for the deciphering in the deciphering part by retrieving the key from the key storage.

BACKGROUND OF THE INVENTION

[0001] The present invention generally relates to user support systemsfor cryptographic communication, and more particularly to a user supportsystem for cryptographic communication wherein a communication is madeby enciphering and deciphering the communication in a network system.

[0002] When making a communication in a network system in which anunspecified large number of computers are connected, there is apossibility that the communication content is tapped at a repeater siteor, the communication is made by a person identifying himself as theauthorized user. Because of such possibilities, it is necessary toguarantee the security of the communication by enciphering thecommunication or, adding to the communication content a certificate orproof which is given by a third party and certifies or proves that thesignature of the sender is that of himself, that is, the authorizeduser.

[0003] Various enciphering systems have been proposed. According to theDES system, a secret key which is common between the communicating usersis prepared, and the enciphering is made by use of this secret key. Theprocessing speed of this DES system is high, but the secret key must beheld for each communicating user thereby making the key managementdifficult.

[0004] On the other hand, the RSA system prepares a secret keycorresponding to a public key, and the enciphering is made by use of thepublic key or the secret key. The deciphering is made using the secretkey when the enciphering is made using the public key, and thedeciphering is made using the public key when the enciphering is madeusing the secret key. The number of required keys can be reducedaccording to this RSA system, however, the processing speed is low and along processing time is necessary.

[0005] Accordingly, the PEM system which combines the DES system and theRSA system has been proposed.

[0006]FIG. 1 shows an example of a conventional cryptographiccommunication system employing the PEM system. The PEM system enciphersthe mail text by a DES secret key according to the DES system, andenciphers this DES secret key by a public key of the receiving useraccording to the RSA system. The DES secret key is a session key whichis generated at random using time information and the like whenenciphering the mail. The receiving user obtains the mail, including theenciphered mail text of the transmitting user and the DES secret key, bya secret key of the receiving user. In other words, the receiving userdeciphers the DES secret key using the DES secret key, and deciphers theenciphered mail text by using the deciphered DES secret key.

[0007] In FIG. 1, it is assumed for the sake of convenience that thecryptographic communication employing the PEM system is made from atransmitting (or sending) user A of a transmitting (or sending) system Sto a receiving user B of a receiving system R so as to transmit a mailtext (communication text) 300.

[0008] In the transmitting system S, a DES secret key 301 is generatedat random using time information and the like when enciphering the mailtext 300 according to the DES system. A public key 301′ of the user B ismade by the user B and made public to the user A. A secret key of theuser B, made in advance and secretly held by the user B is provided incorrespondence with the public key of the user B.

[0009] In FIG. 1, a process 302 enciphers the mail text 300 according tothe DES system using the DES secret key 301. A process 303 enciphers theDES secret key 301 according to the RSA system using the public key ofthe user B. Transmitting information 304 is the information to betransmitted in the network.

[0010] An enciphered DES secret key 305 is the DES secret key 301 whichhas been enciphered according to the RSA system. An enciphered mail text306 is the mail text 300 which has been enciphered according to the DESsystem using the DES secret key 301.

[0011] On the other hand, in the receiving system R, A secret key 307 ofthe user B is secretly held in correspondence with the public key of theuser B. A process 307′ deciphers the enciphered DES secret key 301 whichhas been enciphered according to the RSA system, using the secret key305 of the user B. A process 308 deciphers the enciphered mail text 306which has been enciphered according to the DES system, using thedeciphered DES secret key 301. A deciphered mail text 309 is the mailtext which is obtained by the deciphering process 308.

[0012] In the PEM system shown in FIG. 1, the transmitting user A of thetransmitting system S makes the enciphered mail to be transmitted to thereceiving user B of the receiving system R, and the receiving user Bdeciphers the enciphered mail in the following manner.

[0013] First, the transmitting user A makes the mail text 300, andstarts an enciphering unit. The transmitting user A generates the DESsecret key 301 by a secret key generator which is not shown in FIG. 1but will be described later in conjunction with FIG. 3A, and enciphersthe mail text 300 according to the DES system using the DES secret key301. Then, the transmitting user A obtains the public key 301′ of thereceiving user B, and enciphers the DES secret key 301 according to theRSA system using the public key 301′ of the receiving user B. Usually,the public key 301′ of the receiving user B is stored in a file such asa floppy disk.

[0014] The enciphered mail text 306 which has been enciphered accordingto the DES system and the enciphered DES secret key 305 which has beenenciphered according to the RSA system are transmitted to the receivinguser B.

[0015] The user B starts a deciphering unit when the receiving user Bconfirms that the enciphered mail text 306 is being transmitted to thereceiving user B. The receiving user B obtains his own secret key 307which corresponds to the public key made public to the transmitting userA, and uses this secret key 307 to decipher the DES secret key 305 whichhas been enciphered using the public key of the receiving user B.Usually, the secret key 307 is secretly stored in a floppy disk or thelike. In addition, the deciphered mail text 309 is output.

[0016]FIG. 2 shows an example of a conventional cryptographiccommunication system employing a signature check system. According tothe signature check system, the transmitting user A enciphers the mailtext, and adds his signature when transmitting the enciphered mail textto the receiving user B.

[0017] In the transmitting system S shown in FIG. 2, a mail text 330 isto be transmitted to the receiving user B. A secret key 331 of thetransmitting user A is formed in advance by the transmitting user A incorrespondence with the public key of the transmitting user A, and issecretly stored in a floppy disk or the like. A public key 332 of thetransmitting user A is formed by the transmitting user A and is madepublic to the destination of the communication, that is, the receivinguser B. The public key 332 of the transmitting user A corresponds to thesecret key 331 of the transmitting user A.

[0018] A digest 333 is regarded as the signature of the transmittinguser A, and is obtained by subjecting the mail text 330 to a datacompression. This digest 333 is enciphered into an enciphered digest 334according to the RSA system using the secret key 331 of the transmittinguser A. This enciphered digest 334 is regarded as an electronicsignature of the transmitting user A.

[0019] An enciphering unit 340 enciphers the mail text 330 according tothe PEM system, into an enciphered mail text 341.

[0020] On the other hand, in the receiving system R, a process 335deciphers the received signature using the public key 332 of thetransmitting user A, and a deciphered digest 336 is obtained. Adeciphering unit 342 employs the PEM system and deciphers the encipheredmail text 341 which is transmitted from the transmitting user A into adeciphered mail text 343. A digest 344 of the deciphered mail text 343is obtained by subjecting the deciphered mail text 343 to a datacompression.

[0021] A collating process 345 compares the deciphered digest 336 whichis obtained by deciphering the enciphered digest 334 using the publickey 332 of the transmitting user A and the digest 344 of the decipheredmail text 343 which has been deciphered in the deciphering unit 342. Thecollating process 345 makes this comparison so as to check thesignature.

[0022] In FIG. 2, the transmitting user A first makes the mail text 330.This mail text 330 is subjected to a data compression and regarded asthe signature of the transmitting user A, and the transmitting user Afurther enciphers the compressed mail text using the secret key 331 ofthe transmitting user A. The enciphered signature of the transmittinguser A is transmitted to the receiving user B. On the other hand, themail text 330 is enciphered in the enciphering unit 340, and theenciphered mail text 341 is transmitted to the receiving user B.

[0023] In the receiving system R, the receiving user B obtains thepublic key 332 of the transmitting user A (corresponding to the secretkey 331 of the transmitting user A) which is received in advance, andobtains the deciphered digest 336 by deciphering the signature of thetransmitting user A (enciphered digest 334) using the public key 332 ofthe transmitting user A.

[0024] On the other hand, the receiving user B receives the encipheredmail text 341 which is transmitted from the transmitting user A, anddeciphers this enciphered mail text 341 in the deciphering unit 342. Thereceiving user B then forms the digest of the deciphered mail text 343.In addition, the deciphered digest 336 which is obtained from theenciphered digest (signature) 334 and the digest 344 which is formedfrom the deciphered mail text 343. If the two compared digests 336 and344 match, it is regarded that the signature is correct. But it isregarded that the signature is incorrect if the two compared digests 336and 344 do not match.

[0025]FIGS. 3A and 3B are diagrams for explaining the constructions of aconventional enciphering unit and a conventional deciphering unit.

[0026] The enciphering unit shown in FIG. 3A enciphers a mail text 350.A storage 351 stores the public key of the transmitting user A. Astorage 352 stores a secret key of the transmitting user A incorrespondence with the public key of the transmitting user A. A DESsecret key generator 353 generates a secret key (session key) at randomusing random numbers, time information and the like when making theenciphering process according to the DES system.

[0027] A storage 354 stores a public key of the receiving user B. Asignature part 356 forms a digest of the mail text 350 and enciphersthis digest using the secret key of the transmitting user A. Anenciphering part enciphers the mail text 350 according to the DESsystem. An output part 358 outputs the enciphered signature of thetransmitting user A and the enciphered mail text to the network.

[0028] The deciphering unit shown in FIG. 3B deciphers the encipheredmail 360 which is transmitted from the transmitting user A. A normalmail 361 has not been enciphered. A spool file 362 is a file common tothe network on the receiving end, and stores the enciphered mail 360 andthe received normal mail 361. A mail box 363 is a file which stores amail intended for the receiving user B, that is, the mail having thereceiving user B as its destination.

[0029] A deciphering part 364 inputs the enciphered mail intended forthe receiving user B, and deciphers the enciphered mail using the secretkey of the receiving user B or the like that is necessary for thedeciphering process. A storage 366 stores the public key of thetransmitting user A. A signature check part 367 deciphers the signatureof the enciphered mail intended for the receiving user B using thepublic key of the transmitting user A, and checks the signature. Adeciphered mail output part 368 outputs the deciphered mail text and thesignature check result.

[0030] According to the conventional cryptographic communicationsystems, complicated key management was required at the transmittinguser A who enciphers the mail and at the receiving user B who deciphersthe enciphered mail, in order to provide complete security from thetransmitting user A to the receiving user B. In addition, it wasnecessary to carry out the troublesome process of starting theenciphering unit and starting the deciphering unit every time thecommunication is made. As a result, there were problems in that thecomplicated key management and troublesome operations are required.

SUMMARY OF THE INVENTION

[0031] Accordingly, it is a general object of the present invention toprovide a novel and useful user support system for cryptographiccommunication, in which the problems described above are eliminated.

[0032] Another and more specific object of the present invention is toprovide a user support system for cryptographic communication comprisingkey storage means for storing keys used for deciphering, decipheringmeans for deciphering an enciphered communication text into a decipheredcommunication text using a key, and control means for starting thedeciphering means only when an input communication text is theenciphered communication text and for supplying the key that isnecessary for the deciphering in the deciphering means by retrieving thekey from the key storage means. According to the user support system ofthe present invention, the cryptographic communication can be madewithout the user having to start the enciphering unit. In addition, thekey management is simple, so that the user does not have to be aware ofthe key necessary for the enciphering when making the cryptographiccommunication. Therefore, the user can make the communication betweenthe networks safely and in a simple manner by only making a normalcommunication text.

[0033] Still another object of the present invention is to provide theuser support system described above which further comprises encipheringmeans for enciphering a communication text into an encipheredcommunication text which is to be transmitted using a key, where the keystorage means further stores keys used for enciphering, and the controlmeans starts the enciphering means only when an input communication textis the communication text to be transmitted by a cryptographiccommunication and for supplying the key that is necessary for theenciphering in the enciphering means by retrieving the key from the keystorage means. According to the user support system of the presentinvention, the cryptographic communication can be made without the userhaving to start the deciphering unit. In addition, the key management issimple, so that the user does not have to be aware of the key necessaryfor the deciphering when making the cryptographic communication.Therefore, the user can make the communication between the networkssafely and in a simple manner by only making a normal communicationtext.

[0034] A further object of the present invention is to provide a usersupport system for cryptographic communication in a network system inwhich a first system and a second system are connected via an externalnetwork, comprising an enciphering unit, provided in the first system,enciphering a communication text to be output to the external network,where the enciphering unit comprises a first receiver receiving thecommunication text which is made in the first system and is to betransmitted via the external network, a first key storage storing keysnecessary for a cryptographic communication, a first key retrieving partretrieving a key from the first key storage based on a destination ofthe communication text, an enciphering part enciphering thecommunication text into an enciphered communication text using the keyretrieved by the key retrieving part, and a first transmittertransmitting the enciphered communication text from the enciphering partto the external network. According to the user support system of thepresent invention, the cryptographic communication can be made withoutthe user having to start the enciphering unit. In addition, the keymanagement is simple, so that the user does not have to be aware of thekey necessary for the enciphering when making the cryptographiccommunication. Therefore, the user can make the communication betweenthe networks safely and in a simple manner by only making a normalcommunication text.

[0035] Another object of the present invention is to provide the usersupport system described immediately above and further comprising adeciphering unit, provided in the second system, deciphering theenciphered communication text input via the external network, where thedeciphering unit comprises a second receiver receiving a communicationtext input via the external network, a deciphered mail extracting partdetermining whether the communication text received by the secondreceiver is an enciphered communication text or a normal communicationtext and extracting the enciphered communication text, a second keystorage storing keys necessary for the cryptographic communication, asecond key retrieving part retrieving from the second key storage a keythat is necessary for deciphering the enciphered communication text whenthe deciphered mail extracting part extracts the encipheredcommunication text, a deciphering part deciphering the encipheredcommunication text into a deciphered communication text using the keyretrieved by the second key retrieving part, and a second transmittertransmitting the deciphered communication text from the deciphering partto a destination of the deciphered communication text within the secondsystem. According to the user support system of the present invention,the cryptographic communication can be made without the user having tostart the deciphering unit. In addition, the key management is simple,so that the user does not have to be aware of the key necessary for thedeciphering when making the cryptographic communication, Therefore, theuser can make the communication between the networks safely and in asimple manner by only making a normal communication text.

[0036] Still another object of the present invention is to provide auser support system for cryptographic communication in a network systemin which a first system and a second system are connected via anexternal network, comprising a deciphering unit, provided in the secondsystem, deciphering the enciphered communication text input via theexternal network, where the deciphering unit comprises a receiverreceiving a communication text input via the external network, adeciphered mail extracting part determining whether the communicationtext received by the receiver is an enciphered communication text or anormal communication text and extracting the enciphered communicationtext, a key storage storing keys necessary for the cryptographiccommunication, a key retrieving part retrieving from the key storage akey that is necessary for deciphering the enciphered communication textwhen the deciphered mail extracting part extracts the encipheredcommunication text, a deciphering part deciphering the encipheredcommunication text into a deciphered communication text using the keyretrieved by the key retrieving part, and a transmitter transmitting thedeciphered communication text from the deciphering part to a destinationof the deciphered communication text within the second system. Accordingto the user support system of the present invention, the cryptographiccommunication can be made without the user having to start thedeciphering unit. In addition, the key management is simple, so that theuser does not have to be aware of the key necessary for the decipheringwhen making the cryptographic communication. Therefore, the user canmake the communication between the networks safely and in a simplemanner by only making a normal communication text.

[0037] Other objects and further features of the present invention willbe apparent from the following detailed description when read inconjunction with the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

[0038]FIG. 1 is a system block diagram showing an example of aconventional cryptographic communication system employing the PEMsystem;

[0039]FIG. 2 is a system block diagram showing an example of aconventional cryptographic communication system employing a signaturecheck system;

[0040]FIGS. 3A and 3B respectively are system block diagrams showing theconstruction of a conventional enciphering unit and a conventionaldeciphering unit;

[0041]FIG. 4 is a system block diagram for explaining the operatingprinciple of the present invention according to one aspect of thepresent invention;

[0042]FIG. 5 is a system block diagram for explaining the operatingprinciple of the present invention according to another aspect of thepresent invention;

[0043]FIG. 6 is a system block diagram showing a first embodiment of auser support system for cryptographic communication according to thepresent invention;

[0044]FIG. 7 is a diagram showing an embodiment of a data structure ofan enciphered mail in the first embodiment;

[0045]FIG. 8 is a diagram showing the structure of a deciphered mail inthe first embodiment;

[0046]FIG. 9 is a flow chart for explaining the operation of adeciphering unit of the first embodiment;

[0047]FIG. 10 is a system block diagram showing a second embodiment ofthe user support system for cryptographic communication according to thepresent invention;

[0048]FIG. 11 is a flow chart for explaining the operation of adeciphering unit of the second embodiment;

[0049]FIG. 12 is a system block diagram showing a third embodiment ofthe user support system for cryptographic communication according to thepresent invention;

[0050]FIG. 13 is a time chart for explaining the operation of adeciphering unit of the third embodiment;

[0051]FIG. 14 is a system block diagram showing a fourth embodiment ofthe user support system for cryptographic communication according to thepresent invention;

[0052]FIG. 15 is a system block diagram showing an enciphering unit ofthe fourth embodiment;

[0053]FIG. 16 is a diagram showing another embodiment of a public keystorage of the fourth embodiment;

[0054]FIG. 17 is a system block diagram showing a deciphering unit ofthe fourth embodiment;

[0055]FIG. 18 is a diagram showing another embodiment of a secret keystorage of the fourth embodiment;

[0056]FIG. 19 is a diagram showing an embodiment of a data structure ofan enciphered mail in the fourth embodiment;

[0057]FIG. 20 is a system block diagram showing a fifth embodiment ofthe user support system for cryptographic communication according to thepresent invention;

[0058]FIG. 21 is a flow chart for explaining the operation of anenciphering unit of the fourth embodiment;

[0059]FIG. 22 is a flow chart for explaining the operation of anenciphering unit of the fifth embodiment;

[0060]FIG. 23 is a flow chart for explaining the operation of adeciphering unit of the fourth embodiment; and

[0061]FIG. 24 is a flow chart for explaining the operation of adeciphering unit of the fifth embodiment.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0062] When both the transmitting and receiving ends form a network suchas a local area network (LAN) and each network forms a LAN by connectingto an external network having an unspecified large number of users, thedanger of tampering, tapping and the like of the communication contentexists in the external network, and not in the network at thetransmitting end nor the network at the receiving end. The presentinvention focuses on this point, and facilitates the cryptographiccommunication in such a network system in which the network at thetransmitting end and the network at the receiving end are connected toexternal network.

[0063] First, a description will be given of the operating principle ofthe present invention, by referring to FIGS. 4 and 5. FIG. 4 is a systemblock diagram for explaining one aspect of the present invention, andFIG. 5 is a system block diagram for explaining another aspect of thepresent invention.

[0064] According to the one aspect of the present invention, adeciphering unit is automatically started when the deciphering unitreceives an enciphered mail. In addition, required secret key and publickey are automatically obtained so that the deciphering can be made. Onthe other hand, when making the enciphering, a series of processesincluding obtaining keys necessary for the enciphering, starting anenciphering unit and the like are carried out automatically.

[0065] In FIG. 4, a user support system P for cryptographiccommunication includes an enciphering unit Q and a deciphering unit R.

[0066] The deciphering unit R includes a receiver 1, a synchronizationcontroller 2, a deciphering part 3, a key storage 4, an output part 5,and a signature check part 6. The synchronization controller 2automatically carries out the deciphering process including detection ofan enciphered communication text (enciphered mail), automatic start ofthe deciphering part 3, obtaining of necessary key and the like. Thedeciphering part 3 deciphers the received enciphered mail. The keystorage 4 stores a secret key, a public key and the like. The outputpart 5 outputs the enciphered communication text (mail text, signaturecheck result and the like). The signature check part 6 checks thesignature which is transmitted with the enciphered mail.

[0067] The synchronization controller 2 includes an encipheredcommunication text detector 10 for distinguishing the enciphered mailand a normal mail with respect to the mail that is received at thereceiver 1, a key obtaining part 11 for obtaining keys (secret key orpublic key) that are necessary to decipher the enciphered mail, and adeciphering part starter 12 for automatically starting the decipheringpart 3 in synchronism with the reception of the enciphered mail.

[0068] On the other hand, the enciphering unit Q includes a receiver 1′,a synchronization controller 2′, an enciphering part 3′, a key storage4′, an output part 5′, and a signature forming part 6′. The receiver 1′receives the communication text (mail) to be enciphered. A receiver maybe used in common as this receiver 1′ of the enciphering unit Q and thereceiver 1 of the deciphering unit R. The synchronization controller 2′automatically carries out the enciphering process including automaticstart of the enciphering part 3′, obtaining of necessary key and thelike. A part of this synchronization controller 2′ may be used in commonas a part of the synchronization controller 2 of the deciphering unit R.The enciphering unit 3′ enciphers the mail. The key storage 4′ stores asecret key, a public key and the like. The output part 5′ outputs theenciphered mail. An output part may be used in common as this outputpart 5′ and the output part 5 of the deciphering unit R. The signaturepart 6′ makes the signature.

[0069] [Operation of the Deciphering Unit R]

[0070] The receiver 1 receives the mail that is transmitted from anetwork which may be an internal network or an external network. In thesynchronization controller 2, the enciphered communication text detector10 determines whether the received mail is an enciphered mail or anormal mail (mail of a normal text). The normal mail is transferred tothe output part 5 without being passed through the deciphering part 3.

[0071] On the other hand, when the received mail is the enciphered mail,the input of the enciphered mail is notified to the key obtaining part11, and the key obtaining part 11 obtains from the key storage 4 thekeys that are necessary for the deciphering. In addition, thedeciphering part starter 12 starts the deciphering part 3. Hence, theenciphered mail is deciphered in the deciphering part 3 using theobtained key. In addition, if the signature check is required, thesignature check part 6 is started and the signature check is made. Thedeciphered mail, and the signature check result if the signature exists,are transferred to the output part 5. The output part 5 outputs thedeciphered mail text, and the signature check result if the signatureexists.

[0072] [Operation of the Enciphering Unit Q]

[0073] The receiver 1′ receives the communication text to be output tothe external network. The key necessary for the enciphering is retrievedfrom the key storage 4′ based on an instruction from the synchronizationcontroller 2′. In addition, the enciphering part 3′ is started based onan instruction from the synchronization controller 2′. The communicationtext (normal text) is enciphered in the enciphering unit 3′ using thekey that is retrieved from the key storage 4′. Moreover, if thesignature is required, the synchronization controller 2′ starts thesignature forming part 6′ and makes the signature. The encipheredcommunication text (mail) is transferred to the output part 5′ and isoutput to the external network.

[0074] Therefore, the synchronization controller 2 automaticallydetermines whether or not the received mail is the enciphered mail,obtains the keys necessary for the deciphering, and automatically startsthe deciphering part 3. For this reason, it is possible to greatlyreduce the burden on the user when deciphering the enciphered mail. Inaddition, when making the enciphering, the series of processes includingobtaining of the necessary key, making the enciphering and the like canbe made automatically. As a result, it is possible to simply carry outthe cryptographic communication.

[0075] According to the other aspect of the present invention, a mailwhich needs to be enciphered out of mails which are made isautomatically passed through an enciphering unit and enciphered beforebeing output to an external network. Alternatively, all documents outputto the external network are automatically enciphered. Furthermore, whenthe enciphered mail is received, the enciphered mail is automaticallydeciphered by being passed through a deciphering unit of the networkwhich received the enciphered mail, so that the deciphered mail istransferred to a user at a destination.

[0076] In FIG. 5, a system 20 (A) is an internal network such as a LAN,and is connected to an external network 21. The external network 21 is acommercial network for use by an unspecified larger number of users. Asystem 22 (B) is an internal network such as a LAN, and is connected tothe external network 21.

[0077] In the system 20 (A), a communication text (mail) 25 is made bythe user A of the system 20. An enciphering unit 26 enciphers the mail25. This enciphering unit 26 includes a receiver 27, an encipheringprocessor 28, a key storage 29, and a transmitter 33. The receiver 27receives the mail 25 which is made in the system 20 and is to be outputto the external network 21. The enciphering processor 28 enciphers themail 25 that is received by the receiver 27. The key storage 29 storesas a database secret keys and public keys of the users connected to thesystem 20 as well as the public keys of the users (including the user B)of the other systems (including the system 22). The transmitter 30outputs the enciphered mail to the external network 21.

[0078] In addition, the enciphering processor 28 includes a destinationextracting part 31, a key retrieving part 32, and an enciphering part33. The destination extracting part 31 extracts a destination of themail 25 which is made in the system 20. The key retrieving part 32retrieves the key storage 29 based on the destination of the mail 25,and obtains the key necessary for the enciphering. The enciphering part33 enciphers the received mail 25 using the key that is obtained in thekey retrieving part 32.

[0079] On the other hand, in the system 22, a deciphering unit 35includes a receiver 36, a deciphering processor 37, a key storage 38,and a transmitter 39. The receiver 36 receives a mail which is input tothe system 22 from the external network 21, and transfers this mail tothe user B at the destination within the system 22. The decipheringprocessor 37 deciphers the mail received by the receiver 36. The keystorage 38 stores as a database the secret keys, the public keys, andthe public keys of other systems (including the system 20) that arenecessary to decipher the received enciphered mail. The transmitter 39transfers the deciphered mail to the user B of the system 22. Inaddition, a deciphered communication text (mail) 40 has been decipheredin the deciphering unit 35 and is transferred to the user B at thedestination within the system 22.

[0080] The deciphering processor 37 includes a destination extractingpart 41, an enciphered mail extracting part 41′, a key retrieving part42, and a deciphering part 43. The destination extracting part 41extracts the destination of the mail received by the receiver 36. Theenciphered mail extracting part 41′ determines whether the received mailis an enciphered mail or a normal mail. The key retrieving part 42retrieves the key necessary for the deciphering from the key storage 38based on the destination that is extracted in the destination extractingpart 41. The deciphering part 43 deciphers the received enciphered mailusing the key that is retrieved in the key retrieving part 42.

[0081] [Operation of the Enciphering Unit]

[0082] The enciphering unit 26 shown in FIG. 5 is provided in a terminalequipment defined in the network system of the system 20 or, in anetwork connecting equipment which connects the internal network formingthe system 22 to the external network 21.

[0083] For the sake of convenience, it will be assumed that the user Aof the system 20 makes the communication text (mail) 25 which has theuser B of the system 22 as its destination.

[0084] In this case, the mail 25 is received by the receiver 27 of theenciphering unit 26. The destination extracting part 31 extracts thedestination (user B) from the mail 25. The key retrieving part 32retrieves the key from the key storage 29 based on the destination (userB) extracted in the destination extracting part 31. The retrieved key isnecessary to encipher the mail 25 that is made by the user A, and thiskey is notified to the enciphering part 33. The retrieved key is apublic key of the user B, a secret key of the user A if the signature isrequired, or the like. The enciphering part 33 enciphers the text of themail 25 using the public key of the user B, and makes the signatureusing the secret key of the user A if necessary.

[0085] The transmitter 30 outputs the mall 25 which has been encipheredto the external network 21.

[0086] In order for the mail 25 that is made by the user A to passthrough the enciphering unit 26, the user B is specified in the mailaddress as the destination, and the address of the terminal equipment towhich the enciphering unit 26 belongs is specified. Alternatively, theenciphering unit 26 is provided in the network connecting equipmentwhich connects the system 20 and the external network 21, and thedocuments output from the system 20 to the external network 21 are allautomatically passed through the enciphering unit 26 and enciphered.

[0087] [Operation of the Deciphering Unit]

[0088] For the sake of convenience, it will be assumed that theenciphered mail made by the user A of the system 20 and having the userB of the system 22 as its destination is input from the external network21.

[0089] The enciphered mail is input to the deciphering unit 35 via theexternal network 21, and the receiver 36 inputs the enciphered mail fromthe user A. The enciphered mail extracting part 41′ determines whetherthe received mail is an enciphered mail or a normal mail. If thereceived mail is the normal mail, the received mail is transferred tothe transmitter 39 without being passed through the deciphering unit 43.On the other hand, if the received mail is the enciphered mail, thedestination extracting part 41 extracts the destination from a mailheader of the enciphered mail, and it is found that the destination isthe user B. The key retrieving part 42 retrieves the key necessary forthe deciphering (secret key of the user B, public key of the user A orthe like) from the key storage 38 based on the destination that isextracted in the destination extracting part 41.

[0090] The deciphering part 43 deciphers the enciphered mail using thekey that is retrieved in the key retrieving part 42. The transmitter 39transfers the deciphered mail to the user B of the system 22, that is,to the destination.

[0091] In order for all of the mails input from the external network 21to pass through the deciphering unit 35, there must be an advanceunderstanding when the user A of the system 20 writes the mail address,so that the user A specifies the address of the deciphering unit 35 ofthe system 22 in addition to the address of the user B. Alternatively,the deciphering unit 35 may be provided in the network connectingequipment which connects the external network 21 and the system 22, sothat all of the mails input from the external network 21 to the network22 are automatically passed through the deciphering unit 35 and theenciphered mails are automatically deciphered.

[0092] The system 20 and the system 22 exist independently. For thisreason, the enciphered mail that is deciphered in the system 22 does nothave to be enciphered by the enciphering unit 27 having the constructionshown in the system 20 in FIG. 5. In addition, the mail that isenciphered in the system 20 does not need to be enciphered on theprecondition that it will be deciphered by the deciphering unit 35having the construction shown in the system 22 in FIG. 5.

[0093] Therefore, the enciphering and deciphering can be made fullyautomatically without having to carry out the troublesome operationssuch as obtaining the keys at the user who makes the enciphered mail andat the user B who receives the enciphered mail, starting the encipheringpart and the deciphering part and the like. For this reason, it ispossible to simply make the cryptographic communication without the userhaving to be aware that the cryptographic communication is to be made.

[0094] Next, a description will be given of a first embodiment of theuser support system for cryptographic communication according to thepresent invention.

[0095]FIG. 6 shows the construction of the first embodiment. Moreparticularly, FIG. 6 shows the construction of a deciphering unit inconformance with the one aspect of the present invention described abovewith reference to FIG. 4.

[0096] In FIG. 6, a system 50 includes a plurality of terminalequipments 53 (only one shown), and is connected to an external network(not shown) via a network connecting equipment 51. A mail spool 52stores mails input to the system 50 from the external network. Theterminal equipment 53 includes a deciphering unit 54.

[0097] The deciphering unit 54 includes a synchronization controller 55,a deciphering part 65, a key file 66 which corresponds to the keystorage 4 shown in FIG. 4, a mail box 67, a signature check part 68, anda user interface 69. The user interface 69 outputs the normal mail andthe deciphered mail to a display, printer or the like.

[0098] The synchronization controller 55 includes an enciphered maildetector 56, a reading part 57, a controller 58, a timer 59, a key filereading part 60, a deciphering part starter 61, a signature check partstarter 62, an input/output part 63, and a storage instruction part 64.

[0099] The enciphered mail detector 56 periodically retrieves the mailhaving the terminal equipment 53 as its destination from the mail spool52. In addition, the enciphered mail detector 56 determines whether themail transmitted to the terminal equipment 53 is an enciphered mail or anormal mail. The reading part 57 reads from the mail spool 52 the mailhaving the terminal equipment 53 as its destination. The controller 58controls various parts of the synchronization controller 55. The timer59 determines the time of the periodical access from the enciphered maildetector 56 to the mail spool 52.

[0100] The key file reading part 60 retrieves the key from the key file66. The deciphering part starter 61 starts the deciphering part 65, andthe signature check part starter 62 starts the signature check part 68.The input/output part 63 outputs control signals to various parts of theterminal equipment 53, and receives signals such as a deciphering endnotification from the deciphering part 65. The storage instruction part64 instructs the storage to the mail box 67. In other words, the storageinstruction part 64 instructs storage of the normal mail to the mail box67 or, instructs storage of the mail deciphered in the deciphering part65 to the mail box 67.

[0101] The operation of the deciphering unit shown in FIG. 6 will bedescribed later.

[0102]FIG. 7 shows an embodiment of a data structure of an encipheredmail used in this first embodiment. In FIG. 7, data 60′ related to theenciphered mail includes a header part 61′, a sender electronicsignature 65, a sender certificate 66, enciphered key information 67,and enciphered mail text 68.

[0103] The header part 61′ includes a sender address 62′, a destinationaddress 63, and an enciphered mail identifier 64 which indicates thekind of enciphered mail and normal mail.

[0104] The sender electronic signature 65 includes an enciphered digestor the like of the mail text. The sender certificate 66 certifies thatthe sender is the true or real person. The enciphered key information 67is transmitted from the sender and includes information related to thesecret key which is used by the sender A to encipher the mail textaccording to the DES system and is further enciphered by the public keyof the receiving user B, information related to the public key of thesender A used by the sender A to encipher the electronic signature, andthe like.

[0105]FIG. 8 shows the structure of a deciphered mail used in this firstembodiment. In FIG. 8, a deciphered mail 80 includes a signature checkresult 81 and a deciphered text 85.

[0106] The signature check result 81 includes a check result withrespect to the mail text, and certifications 83 and 84. The check result82 indicates that the tampering or the like has not been made withrespect to the mail text. The certification 83 certifies that the senderis the true or real person. In addition, the certification 84 relates tothe certification issuing office, and indicates that the certificationof the sender is correct.

[0107] Next, a description will be given of the operation of the firstembodiment shown in FIG. 6, by referring to FIG. 9. FIG. 9 is a flowchart for explaining the operation of the deciphering unit of the firstembodiment.

[0108] In FIG. 6, the exchanges among the various parts of thesynchronization controller 55 are made via the controller 58. Inaddition, the exchanges among the synchronization controller 55 and thevarious parts (for example, the deciphering part 65) of the decipheringunit 54 are controlled by the controller 58 of the synchronizationcontroller 55 via the input/output part 63 of the synchronizationcontroller 55.

[0109] The mail input from the external network is stored in the mailspool 52 via the network connecting equipment 51. A step S1 shown inFIG. 9 decides whether or not it is a detection timing. In other words,the deciphered mail detector 56 periodically makes access to the mailspool 52 in response to an instruction from the timer 59. If thedecision result in the step S1 is YES, a step S2 searches the mailsstored in the mail spool 52 and decides whether or not a mail addressedto the terminal equipment 53 is received and stored in the mail spool52. If the decision result in the step S2 is YES, a step S3 reads themail addressed to the terminal equipment 53 from the mail spool 52. Inother words, the controller 58 instructs the reading part 57 to read themail addressed to the terminal equipment 53 from the mail spool 52, andthe reading part 57 reads this mail from the mail spool 52.

[0110] A step S4 decides whether or not the read mail is an encipheredmail. In other words, the enciphered mail detector 56 detects whetherthe read mail is an enciphered mail or a normal mail.

[0111] If the decision result in the step S4 is YES and the read mail isan enciphered mail, the controller 58 instructs the deciphering partstarter 61 to start the deciphering part 65 in a step S5. A start signalfor starting the deciphering part 65 is supplied to the deciphering part65 via the input/output part 63 of the synchronization controller 55,thereby starting the deciphering part 65. In addition, the key filereading part 60 obtains from the key file 66 the key that is necessaryfor the deciphering and supplies the key to the deciphering part 65 inthis step S5.

[0112] A step S6 stores the deciphered mail in the mail box 67. In otherwords, the deciphering part 65 deciphers the enciphered mail using thekey obtained from the key file 66, and obtains the deciphered mail. Inaddition, when the end of this deciphering process is notified from thedeciphering part 65 to the input/output part 63 of the synchronizationcontroller 55, the deciphered mail is stored in the mail box 67 inresponse to an instruction from the storage instruction part 64.

[0113] In a step S7, a start control signal for the signature check part68 is supplied to the signature check part 68 via the input/output part63 of the synchronization controller 55 in response to a startinstruction from the signature check part starter 62. Furthermore, thedeciphered mail is supplied to the signature check part 68. In a stepS8, the signature check is made in the signature check part 68.

[0114] In a step S9, the signature check part 68 notifies the end of thesignature check to the synchronization controller 55 when the signaturecheck ends. This notification of the end of the signature check is inputto the input/output part 63 of the synchronization controller 55, and isnotified to the storage instruction part 64. Hence, in the step S9, thestorage instruction part 64 instructs the signature check part 68 tostore the result of the signature check in the mail box 67, and thesignature check part 68 stores the signature check result in the mailbox 67.

[0115] On the other hand, if the mail read by the reading part 57 is anormal mail and the decision result in the step S4 is NO, the normalmail is stored in the mail box 67 in response to an instruction from thestorage instruction part 64 in a step S10.

[0116] After the step S9 or S10, a step S11 decides whether or not thereis a read request from the user. If the decision result in the step S11is YES, a step S12 outputs the mail stored in the mail box 67 via theuser interface 69. For example, the mail stored in the mail box 67 isdisplayed on a display.

[0117] Next, a description will be given of a second embodiment of theuser support system for cryptographic communication according to thepresent invention, by referring to FIG. 10. FIG. 10 shows theconstruction of the second embodiment. More particularly, FIG. 10 showsthe construction of a deciphering unit in conformance with the oneaspect of the present invention described above with reference to FIG.4.

[0118] In this second embodiment, the deciphered result of theenciphered mail and the signature check result are again stored in themail spool 52, so that the deciphered mail can be used in common amongthe users of the system 50.

[0119] In FIG. 10, those parts which are the same as those correspondingparts in FIG. 6 are designated by the same reference numerals, and adescription thereof will be omitted.

[0120] In FIG. 10, a storage instruction part 64′ instructs storage ofthe deciphered mail and the signature check result into the mail spool52. A mail reading unit 67′ reads the mail from the mail box 67.

[0121] Next, a description will be given of the operation of the secondembodiment shown in FIG. 10, by referring to FIG. 11. FIG. 11 is a flowchart for explaining the operation of the deciphering unit of the secondembodiment. In FIG. 11, those steps which are the same as thosecorresponding steps in FIG. 9 are designated by the same referencenumerals.

[0122] In FIG. 11, the steps S1 through S5 are the same as the step S1through S5 shown in FIG. 9. In other words, the step S1 shown in FIG. 11decides whether or not it is a detection timing. In other words, thedeciphered mail detector 56 periodically makes access to the mail spool52 in response to an instruction from the timer 59. If the decisionresult in the step S1 is YES, the step S2 searches the mails stored inthe mail spool 52 and decides whether or not a mail addressed to theterminal equipment 53 is received and stored in the mail spool 52. Ifthe decision result in the step S2 is YES, the step S3 reads the mailaddressed to the terminal equipment 53 from the mail spool 52. In otherwords, the controller 58 instructs the reading part 57 to read the mailaddressed to the terminal equipment 53 from the mail spool 52, and thereading part 57 reads this mail from the mail spool 52.

[0123] The step S4 decides whether or not the read mail is an encipheredmail. In other words, the enciphered mail detector 56 detects whetherthe read mail is an enciphered mail or a normal mail.

[0124] If the decision result in the step S4 is YES and the read mail isan enciphered mail, the controller 58 instructs the deciphering partstarter 61 to start the deciphering part 65 in the step S5. A startsignal for starting the deciphering part 65 is supplied to thedeciphering part 65 via the input/output part 63 of the synchronizationcontroller 55, thereby starting the deciphering part 65. In addition,the key file reading part 60 obtains from the key file 66 the key thatis necessary for the deciphering and supplies the key to the decipheringpart 65 in this step S5.

[0125] A step S6′ again stores the deciphered mail in the mail spool 52.In other words, the deciphering part 65 deciphers the enciphered mailusing the key obtained from the key file 66, and obtains the decipheredmail. In addition, when the end of this deciphering process is notifiedfrom the deciphering part 65 to the input/output part 63 of thesynchronization controller 55, the deciphered mail is again stored inthe mail spool 52 in response to an instruction from the storageinstruction part 64′.

[0126] In a step S7′, a start control signal for the signature checkpart 68 is supplied to the signature check part 68 via the input/outputpart 63 of the synchronization controller 55 in response to a startinstruction from the signature check part starter 62. Furthermore, thedeciphered mail is supplied to the signature check part 68. In a stepS8′, the signature check is made in the signature check part 68.

[0127] In a step S9′, the signature check part 68 notifies the end ofthe signature check to the synchronization controller 55 when thesignature check ends. This notification of the end of the signaturecheck is input to the input/output part 63 of the synchronizationcontroller 55, and is notified to the storage instruction part 64′.Hence, in the step S9′, the storage instruction part 64′ instructs thesignature check part 68 to again store the result of the signature checkin the mail spool 52, and the signature check part 68 again stores thesignature check result in the mail box 67.

[0128] The normal mail or the deciphered mail stored in the mail spool52 is stored in the mail box 67 by the mail reading unit 67′.

[0129] On the other hand, if the mail read by the reading part 57 is anormal mail and the decision result in the step S4 is NO, the processreturns to the step S1.

[0130] Next, a description will be given of a third embodiment of theuser support system for cryptographic communication according to thepresent invention, by referring to FIG. 12. FIG. 12 shows theconstruction of the third embodiment. More particularly, FIG. 12 showsthe construction of a deciphering unit in conformance with the oneaspect of the present invention described above with reference to FIG.4.

[0131] In this third embodiment, the signature check part 68 makes thesignature check while the deciphered result of the enciphered mail istransferred to the user interface 69.

[0132] In FIG. 12, those parts which are the same as those correspondingparts in FIG. 6 are designated by the same reference numerals, and adescription thereof will be omitted.

[0133] In FIG. 12, a buffer memory 70 for display is provided to storethe deciphered result from the deciphering part 65 and the signaturecheck result. The deciphered data stored in the buffer memory 70 areoutput to a display, printer or the like.

[0134]FIG. 13 is a time chart for explaining the operation of the thirdembodiment, that is, the operation of the deciphering unit of the thirdembodiment.

[0135] The processes starting from the process of obtaining theenciphered mail stored in the mail spool 52 by the synchronizationcontroller 55 up to the process of deciphering the obtained mail in thedeciphering part 65 are the same as those of the first embodiment shownin FIG. 6. In other words, the deciphered mail detector 56 periodicallymakes access to the mail spool 52 in response to the instruction fromthe timer 59, and the reading part 57 reads the mail from the mail spool52. The enciphered mail detector 56 determines whether the read mail isan enciphered mail or a normal mail. In the case of the enciphered mail,the deciphering part starter 61 starts the deciphering part 65, and thekey file reading part 60 reads from the key file 66 the key necessaryfor the deciphering and supplies this key to the deciphering part 65. Asa result, the enciphered mail is deciphered in the deciphering part 65using the key.

[0136] When the deciphering process of the deciphering part 65 ends, thedeciphered result is stored in the buffer memory 70 of the userinterface 69 in response to a control instruction from thesynchronization controller 55. The deciphered result is displayed on adisplay or output to a printer or the like. On the other hand, thesignature check part 68 of the synchronization controller 55 is startedwhile the deciphered result from the deciphering part 65 is transferredto the buffer memory 70 and the deciphered result is subjected to thedisplay process on the display or the like. Hence, the signature checkpart 68 makes the signature check based on the deciphered result fromthe deciphering part 65. When the signature check of the signature checkpart 68 ends, the signature check result is transferred to the buffermemory 70, and is output to the display, printer or the like.

[0137] In the time chart shown in FIG. 13, the deciphering process ofthe deciphering part 65 starts at a time t₀. The transfer of thedeciphered result to the buffer memory 70 and for example, the displayof the deciphered result are started at a time t₁. At the same time t₁,the signature check of the signature check part 68 is started. Thesignature check ends at a time t₂, and the signature check result istransferred to the buffer memory 70 and for example, the display of thesignature check result starts.

[0138] Next, a description will be given of a fourth embodiment of theuser support system for cryptographic communication according to thepresent invention.

[0139]FIG. 14 shows the construction of the fourth embodiment. Moreparticularly, FIG. 14 shows the construction of an enciphering unit anda deciphering unit in conformance with the other aspect of the presentinvention described above with reference to FIG. 5.

[0140] In FIG. 14, network systems 100 (A), 101 (B) and 102 (C)respectively are a LAN or the like. An external network 103 is used byan unspecified larger number of users.

[0141] In the network system 100, there are provided a terminalequipment 110 (A-1), a terminal equipment 115 (A-2), a network 122, anda network connecting equipment 123.

[0142] The terminal equipment 110 is connected to the network 122, andincludes a mail 111 and a communication control unit 112. The mail 111includes a mail text and a header related to a destination and the like.

[0143] The terminal equipment 115 includes a communication control unit116 and an enciphering unit 117. The enciphering unit 117 includes areceiver 118, a public key storage 119 which will be described later inconjunction with FIG. 15, a transmitter 120, and an encipheringprocessor 121 which includes an enciphering part and the like which willbe described later.

[0144] The network connecting equipment 123 connects the network 122 andthe external network 103.

[0145] In the network system 101, there are provided a terminalequipment 130 (B-1), a terminal equipment 135 (B-2), a network 142, anda network connecting equipment 143.

[0146] The terminal equipment 130 includes a communication control unit131 and a received mail 132.

[0147] On the other hand, the terminal equipment 135 includes acommunication control unit 136 and a deciphering unit 137. Thedeciphering unit 137 includes a receiver 138, a secret key storage 139which will be described later in conjunction with FIG. 17, a transmitter140, and a deciphering processor 141 which includes a deciphering partand the like which will be described later.

[0148] The network connecting equipment 143 connects the network 142 andthe external network 103.

[0149] In the network system 102, there are provided a terminalequipment 150 (C) and a network 151.

[0150] A network connecting equipment 152 connects the network 151 andthe external network 103. This network connecting equipment 152 may beprovided inside or outside the network system 102.

[0151] For the sake of convenience, it will be assumed that the mail 111made at the terminal equipment 110 of the network system 100 istransmitted to the terminal equipment 130 of the network system 101 asan enciphered mail.

[0152] The terminal equipment 110 makes the mail 111 by adding to a mailtext a header which includes a destination address of the destinationterminal equipment 130 and an address of the terminal equipment 115within the network system 100 and including the enciphering unit 117.For example, the program statement for making the header is “KURODA %DESTINATION ADDRESS @ ADDRESS OF TERMINAL EQUIPMENT INCLUDINGENCIPHERING UNIT”, and specifies the sender, the destination and theaddress of the enciphering unit. Of course, other methods of specifyingthe address may be employed, such as the OSI system.

[0153] The mail 111 is output to the network 122 from the communicationcontrol unit 112. Since the mail 111 is added with the address of theterminal equipment 115, the mail 111 passes through the terminalequipment 115 before being output to the external network 103. The mail111 is received by the receiver 118 of the terminal equipment 115 viathe communication control unit 116, and is transferred to theenciphering processor 121. The enciphering processor 121 extracts thedestination (address of the terminal equipment 130) from the mail 111,and obtains the key (for example, the public key of the user B of thedestination terminal equipment 130) that is necessary for theenciphering by searching the public key storage 119. The encipheringprocessor 121 enciphers the mail 111 using the obtained key, and outputsthe enciphered mail from the transmitter 120 to the external network 103via the communication control unit 116.

[0154] The enciphered mail is transmitted from the external network 103to the network system 101 and is received by the terminal equipment 135.

[0155]FIG. 14 shows a case where, in the network system 101, theenciphered mail addressed to the network system 101 is automaticallyinput to the terminal equipment 135 having the deciphering unit 137.Hence, the deciphering unit 137 deciphers the enciphered mail andtransfers the deciphered mail to the destination terminal equipment 130of the network system 101.

[0156] The enciphered mail input to the network system 101 is thus inputto the terminal equipment 135. In order for the enciphered mail to betransferred to the destination terminal equipment 130 via the terminalequipment 135, the user A of the network system 100 specifies theaddresses of the terminal equipments 130 and 135 at the destination ofthe header when making the mail 111, for example. The program statementwhich specifies the address in such a manner is “KURODA % DESTINATIONADDRESS @ ADDRESS OF TERMINAL EQUIPMENT INCLUDING ENCIPHERING UNIT”which specifies the sender, the destination and the enciphering unit,for example.

[0157] The enciphered mail is input to the terminal equipment 135 and isinput to the deciphering unit 137 via the communication control unit136. In the deciphering unit 137, the enciphered mail is received by thereceiver 138 and is supplied to the deciphering processor 141. Thedeciphering processor 141 extracts the destination address (address ofthe terminal equipment 130) from the enciphered mail, and obtains fromthe secret key storage 139 the key (for example, the secret key of theuser B of the terminal equipment 130) that is necessary for thedeciphering in the deciphering processor 141. The deciphering processor141 deciphers the enciphered mail using the obtained key, and transfersthe deciphered mail from the transmitter 140 to the terminal equipment130 via the communication control unit 136.

[0158] The above network system 100 and the network system 101 existindependently. For this reason, the enciphered mail that is decipheredin the system network 101 does not have to be enciphered by theenciphering unit 117 having the construction shown in the system network100 in FIG. 14. In addition, the mail that is enciphered in the system100 does not need to be enciphered on the precondition that it will bedeciphered by the deciphering unit 137 having the construction shown inthe system network 101 in FIG. 14. In other words, the destination ofthe mail is made as described above, but it is possible to employ theenciphering and deciphering units of the normal terminal equipmentswithin the network systems.

[0159]FIG. 15 shows the enciphering unit of the fourth embodiment.

[0160] In FIG. 15, the enciphering unit 117 includes the receiver 118,the public key storage 119, the transmitter 120 and the encipheringprocessor 121. In this case, a public key database forms the public keystorage 119. As shown in FIG. 15, the public key database 119 stores thepublic keys for each of the user names in each of the network systems.

[0161] The enciphering processor 121 includes a destination extractingpart 160, a key retrieving part 161 and an enciphering part 162. Thedestination extracting part 160 extracts the destination address of themail. The key retrieving part 161 searches the public key database 119by the destination address (user name), and retrieves the key (forexample, the public key of the destination user) that is necessary forthe enciphering process. The enciphering part 162 enciphers the mailusing the public key or the like of the destination user.

[0162]FIG. 16 shows another embodiment of the public key storage of thefourth embodiment. According to the public key database 119 shown inFIG. 16, a single public key is provided in common within the networksystem. In the particular case shown, a single public key is provided incommon within the network system 100 (A), and a single public key isprovided in common within the network system 101 (B).

[0163] As described above, the content of the mail does not have to besecret within the individual network systems 100 and 101. For thisreason, in the enciphering unit 117 shown in FIG. 15, the cryptographiccommunication can be made by simply preparing a single public key whichis common to each of the users of the network systems and a secret key.Therefore, it is possible to reduce the burden on each user to managethe keys.

[0164]FIG. 17 shows the deciphering unit of the fourth embodiment.

[0165] In FIG. 17, the deciphering unit 137 includes the receiver 138,the secret key storage 139, the transmitter 140 and the decipheringprocessor 141. In this case, a secret key database forms the secret keystorage 139. As shown in FIG. 17, the secret key database 139 stores thesecret keys and the corresponding public keys for each of the users ofthe network system 101.

[0166] The deciphering processor 141 includes an enciphered mailextracting part 169, a destination extracting part 170, a key retrievingpart 171, and a deciphering part 172. The enciphered mail extractingpart 169 distinguishes the enciphered mail from the normal mail. Thedestination extracting part 170 extracts the destination address of themail. The key retrieving part 171 searches the secret key database 139by the destination address (user name), and retrieves the key (forexample, the secret key of the destination) that is necessary for thedeciphering process. The deciphering part 172 deciphers the encipheredmail using the public key of the destination user or the like.

[0167]FIG. 18 shows another embodiment of the secret key storage of thefourth embodiment. According to the secret key database 139 shown inFIG. 18, each network system has a secret key which is common within thenetwork system and a public key corresponding to this secret key.

[0168] As described above in conjunction with FIG. 16, the mail does nothave to be secret in the network system 101, and thus, each user doesnot need a secret key. In this case, the cryptographic communication canbe made by simply preparing a single public key which is common to eachof the users of the network system and a secret key. Therefore, it ispossible to reduce the burden on each user to manage the keys.

[0169]FIG. 19 shows an embodiment of a data structure of an encipheredmail in the fourth embodiment. FIG. 19 shows the data structure of theenciphered mail for the case where the mail made at the terminalequipment of the transmitting side network system A is enciphered in thepredetermined enciphering unit within the network system A, and in thereceiving side network system B, the enciphered mail is input to thepredetermined terminal equipment having the deciphering unit and thedeciphered mail is transferred to the terminal equipment of the networksystem B.

[0170] In FIG. 19, data 180 related to the enciphered mail includes aheader part 181, a sender's signature 186, enciphering key information187, and an enciphered text 188.

[0171] The header part 181 includes a sender's address 182, an address183 of the enciphering unit, a destination address 184, and an address185 of the deciphering unit in the destination network system. Theaddress 183 relates to the enciphering unit within the sender's networksystem A. The destination address 184 relates to the user of the networksystem B to whom the mail is to be transmitted. The address 185 relatesto the deciphering unit of the destination network system B, that is,the terminal equipment to which the deciphering unit of the destinationnetwork system B belongs.

[0172] The enciphering key information 187 relates to information suchas the secret key that is necessary to make the deciphering process whenthe mail is enciphered according to the DES system.

[0173] In a case where the destination network system which receives theenciphered mail is such that the enciphered mail is deciphered at eachterminal equipment which receives the enciphered mail, the address 185related to the deciphering unit of the destination network system is notrequired. In addition, in a case where the transmitting network systemenciphers the mail to be transmitted before outputting the same at eachterminal equipment which makes the mail, the address 183 related to theenciphering unit is not required.

[0174] Next, a description will be given of a fifth embodiment of theuser support system for cryptographic communication according to thepresent invention.

[0175]FIG. 20 shows the construction of the fifth embodiment. Moreparticularly, FIG. 20 shows the construction of an enciphering unit anda deciphering unit in conformance with the other aspect of the presentinvention described above with reference to FIG. 5. In FIG. 20, thoseparts which are the same as those corresponding parts in FIG. 14 aredesignated by the same reference numerals, and a description thereofwill be omitted.

[0176] In this fifth embodiment, the network systems 100 (A) and 102 (B)are connected to the external network 103 via respective networkconnecting equipments 123 and 132. The enciphering unit 117 is providedwithin the network connecting equipment 123, and the deciphering unit137 is provided within the network connecting equipment 143. Hence, allof the mails output from the network system 100 to the external network103 are automatically enciphered in the enciphering unit 117 within thenetwork connecting equipment 123. On the other hand, all of theenciphered mails input to the network system 101 from the externalnetwork 103 are automatically deciphered in the deciphering unit 137within the network connecting equipment 143.

[0177] In other words, in the network system 100, there are provided aterminal equipment 110′, the network 122, and the network connectingequipment 123. The network connecting equipment 123 includes theenciphering unit 117, a connection processor 200, and a controller 201.The connection processor 200 carries out processes including the processof transmitting the mail to be output to the external network 103 andthe process of receiving the mail from the external network 103addressed to the network system 100. The controller 201 controls theoperation of the network connection equipment 123.

[0178] On the other hand, in the network system 101, there are provideda terminal equipment 130′, the network 142, and the network connectingequipment 143. The network connecting equipment 143 includes thedeciphering unit 137, a connection processor 210, and a controller 211.The connection processor 210 carries out processes including the processof receiving the enciphered mail from the external network 103 addressedto the network system 101 and the process of outputting the mail to theexternal network 103. The controller 211 controls the operation of thenetwork connection equipment 143.

[0179] Accordingly, all of the mails made in the network system 100 areenciphered in the enciphering unit 117 within the network connectingequipment 123 and are output to the external network 103 via theconnection processor 200.

[0180] On the other hand, all of the enciphered mail input to thenetwork system 101 are deciphered in the deciphering unit 137 andtransferred to the destination terminal equipment 130′ of the network142.

[0181] In FIG. 20, the network system 100 and the network system 101 mayexist independently. In other words, the mail that is enciphered in theenciphering unit 117 within the network system 100 may be deciphered ateach terminal equipment that is the destination of the mail. Inaddition, the mail that is transmitted to the network system 101 may bemade in the network system 100 in which each terminal equipment thatmakes the mail enciphers the mail.

[0182]FIG. 21 is a flow chart for explaining the operation of the fourthembodiment described above. More particularly, FIG. 21 shows theoperation of the enciphering unit of the terminal equipment in thetransmitting network system.

[0183] In a step S1 shown in FIG. 21, the address of the encipheringunit 117 shown in FIGS. 14 and 15 is specified, and the enciphering unit117 receives the mail output from the network system 100 to which thisenciphering unit 117 belongs. In a step S2, the destination extractingpart 160 extracts the destination which is the terminal equipment 130(B-1) in the above described case. In a step S3, the key retrieving part161 searches the public key database 118. A step S4 decides whether ornot a public key is retrieved from the public key database 119. Theprocess advances to a step S6 if the decision result in the step S4 isNO.

[0184] On the other hand, if the decision result in the step S4 is YES,a step S5 enciphers the mail by the retrieved public key. In otherwords, the enciphering part 162 enciphers the mail using the public keyof the destination, such as the public key of the terminal equipment 130or the public key that is common to the network system 101 (B). In thestep S6, the transmitter 120 transmits the enciphered mail to thedestination. More particularly, the enciphered mail is transferred fromthe transmitter 120 to the network connecting equipment 123, and thenetwork connecting equipment 123 outputs the enciphered mail to theexternal network 103.

[0185]FIG. 22 is a flow chart for explaining the operation of the fifthembodiment described above. More particularly, FIG. 22 shows theoperation of the enciphering unit of the terminal equipment in thetransmitting network system. Reference should be made to FIGS. 14, 15and 20 described above.

[0186] In a step S1 a shown in FIG. 22, the network connecting equipment123 shown in FIG. 20 receives the mail to be output to the externalnetwork 103. In a step S2, the destination extracting part 160 of theenciphering unit 117 extracts the destination which is the terminalequipment 130′ (B-1) in the above described case. In a step S3, the keyretrieving part 161 searches the public key database 118. A step S4decides whether or not a public key is retrieved from the public keydatabase 119. The process advances to a step S6 if the decision resultin the step S4 is NO.

[0187] On the other hand, if the decision result in the step S4 is YES,a step S5 enciphers the mail by the retrieved public key. In otherwords, the enciphering part 162 enciphers the mail using the public keyof the destination, such as the public key of the terminal equipment130′ or the public key that is common to the network system 101 (B). Inthe step S6, the transmitter 120 transmits the enciphered mail to thedestination. More particularly, the enciphered mail is transferred fromthe transmitter 120 to the external network 103 to be transmitted to thedestination

[0188]FIG. 23 is a flow chart for explaining the operation of the fourthembodiment described above. More particularly, FIG. 23 shows theoperation of the deciphering unit of the terminal equipment in thereceiving network system.

[0189] In a step S21 shown in FIG. 23, the deciphering unit 137 shown inFIGS. 14 and 17 of the specified terminal equipment on the receiving endreceives the mail. In the above described case, the deciphering unit 137of the terminal equipment 135 (B-2) receives the mail, In a step S22,the enciphered mail extracting part 169 decides whether or not thereceived mail is an enciphered mail. In other words, the enciphered mailextracting part 169 determines whether the received mail is anenciphered mail or a normal mail. The process advances to a step S27 ifthe decision result in the step S22 is NO.

[0190] On the other hand, if the decision result in the step S22 is YES,the destination extracting part 170 extracts the destination which isthe terminal equipment 130 (B-1) in the above described case in a stepS23. In a step S24, the key retrieving part 171 searches the secret keydatabase 139, and a step S25 decides whether or not a secret key isretrieved from the secret key database 139. The process advances to thestep S27 if the decision result in the step S25 is NO.

[0191] If the decision result in the step S25 is YES, the decipheringpart 172 deciphers the enciphered mail using the secret key of thedestination in a step S26, such as secret key of the terminal equipment130 and the secret key that is common to the network system 101.Finally, a step S27 transmits the deciphered mail to the destinationwhich is the terminal equipment 130 in the above described case.

[0192]FIG. 24 is a flow chart for explaining the operation of the fifthembodiment described above. More particularly, FIG. 24 shows theoperation if the deciphering unit of the terminal equipment in thereceiving network system. Reference should be made to FIGS. 14, 17 and20 described above.

[0193] In a step S21 a shown in FIG. 24, the deciphering unit 137 shownin FIGS. 14 and 17 of the destination network connecting equipmentreceives the mail. In the above described case, the deciphering unit 137of the network connecting equipment 143 of the network system 101 (B)shown in FIG. 20 receives the mail. In a step S22, the enciphered mailextracting part 169 decides whether or not the received mail is anenciphered mail. In other words, the enciphered mail extracting part 169determines whether the received mail is an enciphered mail or a normalmail. The process advances to a step S27 if the decision resultin thestep S22 is NO.

[0194] On the other hand, if the decision result in the step S22 is YES,the destination extracting part 170 extracts the destination which isthe terminal equipment 130 (B-1) in the above described case in a stepS23. In a step S24, the key retrieving part 171 searches the secret keydatabase 139, and a step S25 decides whether or not a secret key isretrieved from the secret key database 139. The process advances to thestep S27 if the decision result in the step S25 is NO.

[0195] If the decision result in the step S25 is YES, the decipheringpart 172 deciphers the enciphered mail using the secret key of thedestination in a step S26, such as secret key of the terminal equipment130 and the secret key that is common to the network system 101.Finally, a step S27 transmits the deciphered mail to the destinationwhich is the terminal equipment 130 in the above described case.

[0196] Further, the present invention is not limited to theseembodiments, but various variations and modifications may be madewithout departing from the scope of the present invention.

What is claimed is
 1. A user support system for cryptographic communication comprising: key storage means for storing keys used for deciphering; deciphering means for deciphering an enciphered communication text into a deciphered communication text using a key; and control means for starting said deciphering means only when an input communication text is the enciphered communication text and for supplying said key that is necessary for the deciphering in said deciphering means by retrieving said key from said key storage means.
 2. The user support system as claimed in claim 1, which further comprises: receiver means for receiving said input communication text and for supplying said input communication text to said control means; and output means for outputting said deciphered communication text obtained from said deciphering means, said control means including means for determining whether said input communication text is the enciphered communication text or a normal communication text.
 3. The user support system as claimed in claim 2, wherein said receiver means, said key storage means, said deciphering means, said control means and said output means form a deciphering unit.
 4. The user support system as claimed in claim 2, which further comprises: communication text storage means for storing input communication texts when received; and timer means for determining periodical accesses to said communication text storage means via said control means to retrieve the input communication text from said communication text storage means if stored so that the input communication text retrieved from said communication text storage means is input to said receiver means, said communication text storage means being provided for use in common within a network system to which said user support system belongs.
 5. The user support system as claimed in claim 2, which further comprises: signature check means for making a signature check with respect to said deciphered communication text obtained from said deciphering means and for outputting a signature check result, said output means outputting said signature check result from said signature check means.
 6. The user support system as claimed in claim 5, which further comprises: communication text storage means for storing input communication texts when received; and timer means for determining periodical accesses to said communication text storage means via said control means to retrieve the input communication text from said communication text storage means if stored so that the input communication text retrieved from said communication text storage means is input to said receiver means, said communication text storage means being provided for use in common within a network system to which said user support system belongs.
 7. The user support system as claimed in claim 6, wherein said communication text storage means stores the deciphered communication text obtained in said deciphering means and the signature check result from said signature check means when the signature exists. 8.The user support system as claimed in claim 5, wherein said signature check means makes the signature check while said deciphering means outputs the deciphered communication text under a control of said control means.
 9. The user support system as claimed in claim 1, which further comprises: enciphering means for enciphering a communication text into an enciphered communication text which is to be transmitted using a key, said key storage means further storing keys used for enciphering, said control means starting said enciphering means only when an input communication text is the communication text to be transmitted by a cryptographic communication and for supplying said key that is necessary for the enciphering in said enciphering means by retrieving said key from said key storage means.
 10. A user support system for cryptographic communication in a network system in which a first system and a second system are connected via an external network, said user support system comprising: an enciphering unit, provided in the first system, enciphering a communication text to be output to the external network, said enciphering unit comprising: a first receiver receiving the communication text which is made in the first system and is to be transmitted via the external network; a first key storage storing keys necessary for a cryptographic communication; a first key retrieving part retrieving a key from said first key storage based on a destination of the communication text; an enciphering part enciphering the communication text into an enciphered communication text using the key retrieved by said key retrieving part; and a first transmitter transmitting the enciphered communication text from said enciphering part to the external network.
 11. The user support system as claimed in claim 10, wherein the first system forms an internal network system, and said enciphering unit is provided in an arbitrary equipment within the internal network system.
 12. The user support system as claimed in claim 11, wherein said arbitrary equipment is selected from a group consisting of a terminal equipment within the internal network system, and a network connecting equipment within the internal network system and connecting the first system to the external network.
 13. The user support system as claimed in claim 10, wherein the first system forms an internal network system, said enciphering unit is provided in a network connecting equipment connecting the first system to the external network, and said enciphering unit automatically enciphers all communication texts output from the first system to the external network.
 14. The user support system as claimed in claim 10, wherein said first key storage stores a common key that is used in common within the first system, and said enciphering unit automatically enciphers the communication text using the common key.
 15. The user support system as claimed in claim 10, which further comprises: a deciphering unit, provided in the second system, deciphering the enciphered communication text input via the external network, said deciphering unit comprising: a second receiver receiving a communication text input via the external network; a deciphered mail extracting part determining whether the communication text received by said second receiver is an enciphered communication text or a normal communication text and extracting the enciphered communication text; a second key storage storing keys necessary for the cryptographic communication; a second key retrieving part retrieving from said second key storage a key that is necessary for deciphering the enciphered communication text when said deciphered mail extracting part extracts the enciphered communication text; a deciphering part deciphering the enciphered communication text into a deciphered communication text using the key retrieved by said second key retrieving part; and a second transmitter transmitting the deciphered communication text from said deciphering part to a destination of the deciphered communication text within the second system.
 16. A user support system for cryptographic communication in a network system in which a first system and a second system are connected via an external network, said user support system comprising: a deciphering unit, provided in the second system, deciphering the enciphered communication text input via the external network, said deciphering unit comprising: a receiver receiving a communication text input via the external network; a deciphered mail extracting part determining whether the communication text received by said receiver is an enciphered communication text or a normal communication text and extracting the enciphered communication text; a key storage storing keys necessary for the cryptographic communication; a key retrieving part retrieving from said key storage a key that is necessary for deciphering the enciphered communication text when said deciphered mail extracting part extracts the enciphered communication text; a deciphering part deciphering the enciphered communication text into a deciphered communication text using the key retrieved by said key retrieving part; and a transmitter transmitting the deciphered communication text from said deciphering part to a destination of the deciphered communication text within the second system.
 17. The user support system as claimed in claim 16, wherein the second system forms an internal network system, and said deciphering unit is provided in an arbitrary equipment within the internal network system and automatically deciphers the enciphered communication text input from the external network to output the deciphered communication text to the destination within the internal network system.
 18. The user support system as claimed in claim 17, wherein said arbitrary equipment is selected from a group consisting of a terminal equipment within the internal network system, and a network connecting equipment within the internal network system and connecting the second system to the external network.
 19. The user support system as claimed in claim 16, wherein the second system forms an internal network system, said deciphering unit is provided in a network connecting equipment connecting the second system to the external network, and said deciphering unit automatically deciphers all enciphered communication texts input from the external network to output the deciphered communication texts to the destination within the internal network system.
 20. The user support system as claimed in claim 16, wherein said key storage stores a common key that is used in common within the second system, and said deciphering unit automatically deciphers the enciphered communication text using the common key. 